Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2019-17021
HistoryJan 08, 2020 - 12:00 a.m.

CVE-2019-17021

2020-01-0800:00:00
ubuntu.com
ubuntu.com
10

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

0.008 Low

EPSS

Percentile

81.6%

JSON

During the initialization of a new content process, a race condition occurs
that can allow a content process to disclose heap addresses from the parent
process. Note: this issue only occurs on Windows. Other operating systems
are unaffected.. This vulnerability affects Firefox ESR < 68.4 and Firefox
< 72.

Notes

Author Note
tyhicks mozjs contains a copy of the SpiderMonkey JavaScript engine

Related

prion 1
nvd 1
redhatcve 1
debiancve 1
cve 1
cvelist 1
openvas 10
nessus 9
kaspersky 3
mozilla 3
altlinux 2
suse 2
slackware 1
prion
prion
Race condition
2020-01-08 22:15:00
nvd
nvd
CVE-2019-17021
2020-01-08 22:15:12
redhatcve
redhatcve
CVE-2019-17021
2020-01-07 23:09:07
debiancve
debiancve
CVE-2019-17021
2020-01-08 22:15:12
cve
cve
CVE-2019-17021
2020-01-08 22:15:12
cvelist
cvelist
CVE-2019-17021
2020-01-08 21:29:40
openvas
openvas
Mozilla Firefox ESR Security Advisories (MFSA2020-01, MFSA2020-02) - Windows
2020-01-08 00:00:00
openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2020:0094_1)
2020-01-27 00:00:00
Mozilla Thunderbird Security Advisory (MFSA2020-04) - Windows
2020-01-14 00:00:00
nessus
nessus
Mozilla Firefox ESR < 68.4 Multiple Vulnerabilities
2020-01-08 00:00:00
openSUSE Security Update : MozillaFirefox (openSUSE-2020-60)
2020-01-16 00:00:00
Slackware 14.2 / current : mozilla-thunderbird (SSA:2020-010-01)
2020-01-13 00:00:00
kaspersky
kaspersky
KLA11629 Multiple vulnerabilities in Mozilla Firefox ESR
2020-01-07 00:00:00
KLA11635 Multiple vulnerabilities in Mozilla Thunderbird
2020-01-10 00:00:00
KLA11628 Multiple vulnerabilities in Mozilla Firefox
2020-01-07 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 68.4 — Mozilla
2020-01-07 00:00:00
Security Vulnerabilities fixed in Thunderbird 68.4.1 — Mozilla
2020-01-10 00:00:00
Security Vulnerabilities fixed in Firefox 72 — Mozilla
2020-01-07 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 68.4.1-alt1
2020-01-08 00:00:00
Security fix for the ALT Linux 10 package thunderbird version 68.4.1-alt1
2020-01-11 00:00:00
suse
suse
Security update for MozillaThunderbird (important)
2020-01-22 00:00:00
Security update for MozillaFirefox (important)
2020-01-15 00:00:00
slackware
slackware
[slackware-security] mozilla-thunderbird
2020-01-11 00:19:13

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

0.008 Low

EPSS

Percentile

81.6%

JSON
Related for UB:CVE-2019-17021
prion1nvd1redhatcve1debiancve1cve1cvelist1openvas10nessus9kaspersky3mozilla3altlinux2suse2slackware1